[PLUG] PostgreSQL configuration.

Mark Allyn allyn at well.com
Mon Mar 29 18:43:02 UTC 2004


I think that it's best to use password autentication for the
database user account for the web-cgi.

You would have to have the password embedded in one of the
cgi scripts, but you can have that script only executable by
the cgi user and not readable.

It is also best to have the web server on a separate machine
from the database server.

The database server should be on a lan that is not accessable
from the public internet. It should only have accounts for the
system administrator and the DBA. It should only have the
postgres port open to the web server. All other ports should
be blocked from the web server.  (Port 25 for ssh, used for
maintenance, should be only available from an inside host or
accessible via port knocking).

This way, if the web server is hacked, the person would be
in the web server as the www-user (or nobody, if so configured)
and could not:

1. Get into the database as the password in in a read locked
file

2. Get into any other postgres account because all the
postgres accounts are set to password access via the
pg_hba.conf file.

3. Get onto the postgres server itself without somehow
cracking in via the postgres port (hopefuly you will keep
postgresql up to current version).

Good Luck!

Mark Allyn





More information about the PLUG mailing list